MS IIS Spreads Malware

Publié le :

Once again the security qualities of Microsoft IIS shime:

Malicious code is being spread through numerous web sites running Microsoft web servers, automatically infecting Internet users who visit these sites. Affected sites include "businesses that we presume would normally be keeping their sites fully patched," said the SANS Institute, which describes the exploit as a "widespread issue."

The malicious code downloaded from compromised IIS servers is a phishing scam malware.

This time, the proponents of the idea that Microsoft is victim of its market share will have some difficulties to sustain their favorite theory -- i.e. that if Windows has so many security issues it's because it has 95% of the market and if Mac OS X has so few, it's because no one uses it. In June 2004, Microsoft IIS had 21.35% of market share, way below Apache at 67.22%.